<?php 
session_start();
include_once "../config.php";
require_once "./libs/functions.php";

$username = $_POST['username']; 
$password = $_POST['password'];

$username = safeHanler($username);
$password = safeHanler($password);

$sql = "
select * from admin where username='$username' and
password='$password' limit 1
";
        // select * from admin where username='a' or '1=1' and ;
$result = $conn->query($sql);

if ($result->num_rows > 0) {  
	$rows = array();
	while($row = $result->fetch_assoc()) {
            array_push($rows, $row);        
    }
    
	$_SESSION['uid'] = $rows[0]['id'];
	$_SESSION['name'] = $rows[0]['username'];
    header("location:index.php");
}else {
	header("location:login.php");
}
?>

